3party/mongoose
0
0
Fork 0
mirror of https://github.com/cesanta/mongoose.git synced 2025-01-15 02:08:08 +08:00
Code Issues Projects Releases Wiki Activity

Merge branch 'dev'

Browse Source
This commit is contained in:
Sergey Lyubka 2020-05-21 16:45:34 +01:00
commit 80d74e9e34
12 changed files with 335 additions and 181 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
README.md
View File

@ -61,8 +61,11 @@ the functionality:
# Contributions
To submit contributions, sign [Cesanta CLA](https://cesanta.com/cla.html)
and send GitHub pull request.
Contributions are welcome! Please follow the guidelines below:
- Sign [Cesanta CLA](https://cesanta.com/cla.html) and send GitHub pull request
- When making pull requests, please make sure that it has only one commit,
and imlements/fixes only one piece of functionality
# Looking for a pre-compiled Mongoose web server Windows or Mac binary?
- [Download pre-compiled Mongoose web server binary.](https://www.cesanta.com/binary.html)

4
examples/http_proxy_client/Makefile Normal file
View File

@ -0,0 +1,4 @@
PROG = http_proxy_client
#SSL_LIB=openssl
CFLAGS_EXTRA = -DMG_ENABLE_CALLBACK_USERDATA=1
include ../examples.mk

108
examples/http_proxy_client/http_proxy_client.c Normal file
View File

@ -0,0 +1,108 @@
/*
* Copyright (c) 2014 Cesanta Software Limited
* All rights reserved
*
* This program fetches HTTP URLs.
*/
#define MG_ENABLE_CALLBACK_USERDATA 1
#include "mongoose.h"
static int s_exit_flag = 0;
static int s_show_headers = 0;
static void ev_handler(struct mg_connection *c, int ev, void *ev_data,
void *userdata) {
struct http_message *hm = (struct http_message *) ev_data;
switch (ev) {
case MG_EV_CONNECT:
if (*(int *) ev_data != 0) {
fprintf(stderr, "connect() failed: %s\n", strerror(*(int *) ev_data));
s_exit_flag = 1;
} else {
// Stage 2. Connection to the HTTP proxy is established.
// Write CONNECT request, and turn this connection to HTTP.
// NOTE: target URL is passed to us as userdata.
unsigned port = 80;
struct mg_str scheme, host;
mg_parse_uri(mg_mk_str((char *) userdata), &scheme, NULL, &host, &port,
NULL, NULL, NULL);
if (port == 0) port = (scheme.len == 5) ? 443 : 80;
mg_printf(c, "CONNECT %.*s:%u HTTP/1.1\r\n\r\n", (int) host.len, host.p,
port);
// Now set the flag and wait for the connection establishment
c->flags |= MG_F_USER_1;
}
break;
case MG_EV_RECV:
// Stage 3. Check if proxy replied. Here, we don't parse the reply
// for simplicity. Assume success, and write HTTP request.
if (c->flags & MG_F_USER_1) {
struct mg_str host, path;
c->flags &= ~MG_F_USER_1;
mg_parse_uri(mg_mk_str((char *) userdata), NULL, NULL, &host, NULL,
&path, NULL, NULL);
if (path.len == 0) path = mg_mk_str("/");
mg_printf(c, "GET %.*s HTTP/1.0\r\nHost: %.*s\r\n\r\n", (int) path.len,
path.p, (int) host.len, host.p);
mg_set_protocol_http_websocket(c);
}
break;
case MG_EV_HTTP_REPLY:
c->flags |= MG_F_CLOSE_IMMEDIATELY;
if (s_show_headers) {
fwrite(hm->message.p, 1, hm->message.len, stdout);
} else {
fwrite(hm->body.p, 1, hm->body.len, stdout);
}
putchar('\n');
s_exit_flag = 1;
break;
case MG_EV_CLOSE:
if (s_exit_flag == 0) {
printf("Server closed connection\n");
s_exit_flag = 1;
}
break;
default:
break;
}
}
int main(int argc, char *argv[]) {
struct mg_mgr mgr;
int i;
mg_mgr_init(&mgr, NULL);
/* Process command line arguments */
for (i = 1; i < argc; i++) {
if (strcmp(argv[i], "--show-headers") == 0) {
s_show_headers = 1;
} else if (strcmp(argv[i], "--hexdump") == 0 && i + 1 < argc) {
mgr.hexdump_file = argv[++i];
} else {
break;
}
}
if (i + 2 != argc) {
fprintf(stderr,
"Usage: %s [--hexdump <file>] "
"[--show-headers] PROXY_HOST:PROXY_PORT URL\n",
argv[0]);
exit(EXIT_FAILURE);
}
// Stage 1. Connect to the HTTP proxy as to a plain TCP server.
// Pass URL as a callback argument
mg_connect(&mgr, argv[i], ev_handler, argv[i + 1]);
while (s_exit_flag == 0) {
mg_mgr_poll(&mgr, 1000);
}
mg_mgr_free(&mgr);
return 0;
}

46
mongoose.c
View File

@ -4469,10 +4469,13 @@ struct mg_iface *mg_socks_mk_iface(struct mg_mgr *mgr, const char *proxy_addr) {
#endif
#include <openssl/ssl.h>
#include <openssl/err.h>
#ifndef KR_VERSION
#include <openssl/tls1.h>
#endif
static const char *mg_default_session_id_context = "mongoose";
struct mg_ssl_if_ctx {
SSL *ssl;
SSL_CTX *ssl_ctx;
@ -4534,6 +4537,9 @@ enum mg_ssl_if_result mg_ssl_if_conn_init(
SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_SSLv2);
SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_SSLv3);
SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_TLSv1);
SSL_CTX_set_session_id_context(ctx->ssl_ctx,
(void *) mg_default_session_id_context,
strlen(mg_default_session_id_context));
#ifdef MG_SSL_OPENSSL_NO_COMPRESSION
SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_COMPRESSION);
#endif
@ -4591,6 +4597,17 @@ static enum mg_ssl_if_result mg_ssl_if_ssl_err(struct mg_connection *nc,
int res) {
struct mg_ssl_if_ctx *ctx = (struct mg_ssl_if_ctx *) nc->ssl_if_data;
int err = SSL_get_error(ctx->ssl, res);
/*
* We've just fetched the last error from the queue.
* Now we need to clear the error queue. If we do not, then the following
* can happen (actually reported):
* - A new connection is accept()-ed with cert error (e.g. self-signed cert)
* - Since all accept()-ed connections share listener's context,
* - *ALL* SSL accepted connection report read error on the next poll cycle.
* Thus a single errored connection can close all the rest, unrelated ones.
* Clearing the error keeps the shared SSL_CTX in an OK state.
*/
ERR_clear_error();
if (err == SSL_ERROR_WANT_READ) return MG_SSL_WANT_READ;
if (err == SSL_ERROR_WANT_WRITE) return MG_SSL_WANT_WRITE;
DBG(("%p %p SSL error: %d %d", nc, ctx->ssl_ctx, res, err));
@ -5865,7 +5882,7 @@ static void mg_http_free_proto_data_endpoints(struct mg_http_endpoint **ep) {
current = tmp;
}
ep = NULL;
*ep = NULL;
}
static void mg_http_free_reverse_proxy_data(struct mg_reverse_proxy_data *rpd) {
@ -7731,7 +7748,7 @@ static void mg_print_dir_entry(struct mg_connection *nc, const char *file_name,
href = mg_url_encode(mg_mk_str(file_name));
mg_printf_http_chunk(nc,
"<tr><td><a href=\"%s%s\">%s%s</a></td>"
"<td>%s</td><td name=%" INT64_FMT ">%s</td></tr>\n",
"<td>%s</td><td name=\"%" INT64_FMT "\">%s</td></tr>",
href.p, slash, path, slash, mod, is_dir ? -1 : fsize,
size);
free((void *) href.p);
@ -7797,23 +7814,24 @@ static void mg_send_directory_listing(struct mg_connection *nc, const char *dir,
mg_printf_http_chunk(
nc,
"<html><head><title>Index of %.*s</title>%s%s"
"<!DOCTYPE html><html><head><title>Index of %.*s</title>%s%s"
"<style>th,td {text-align: left; padding-right: 1em; "
"font-family: monospace; }</style></head>\n"
"<body><h1>Index of %.*s</h1>\n<table cellpadding=0><thead>"
"<tr><th><a href=# rel=0>Name</a></th><th>"
"<a href=# rel=1>Modified</a</th>"
"<th><a href=# rel=2>Size</a></th></tr>"
"<tr><td colspan=3><hr></td></tr>\n"
"</thead>\n"
"<tbody id=tb>",
"font-family: monospace; }</style></head>"
"<body><h1>Index of %.*s</h1><table cellpadding=\"0\"><thead>"
"<tr><th><a href=\"#\" rel=\"0\">Name</a></th><th>"
"<a href=\"#\" rel=\"1\">Modified</a></th>"
"<th><a href=\"#\" rel=\"2\">Size</a></th></tr>"
"<tr><td colspan=\"3\"><hr></td></tr>"
"</thead>"
"<tbody id=\"tb\">",
(int) hm->uri.len, hm->uri.p, sort_js_code, sort_js_code2,
(int) hm->uri.len, hm->uri.p);
mg_scan_directory(nc, dir, opts, mg_print_dir_entry);
mg_printf_http_chunk(nc,
"</tbody><tr><td colspan=3><hr></td></tr>\n"
"</table>\n"
"<address>%s</address>\n"
"</tbody>"
"<tfoot><tr><td colspan=\"3\"><hr></td></tr></tfoot>"
"</table>"
"<address>%s</address>"
"</body></html>",
mg_version_header);
mg_send_http_chunk(nc, "", 0);

4
mongoose.h
View File

@ -23,7 +23,7 @@
#ifndef CS_MONGOOSE_SRC_COMMON_H_
#define CS_MONGOOSE_SRC_COMMON_H_
#define MG_VERSION "6.17"
#define MG_VERSION "6.18"
/* Local tweaks, applied before any of Mongoose's own headers. */
#ifdef MG_LOCALS
@ -228,7 +228,7 @@
#include <windows.h>
#include <process.h>
#if _MSC_VER < 1700
#if defined(_MSC_VER) && (_MSC_VER < 1700)
typedef int bool;
#else
#include <stdbool.h>

2
src/common/platforms/platform_windows.h
View File

@ -50,7 +50,7 @@
#include <windows.h>
#include <process.h>
#if _MSC_VER < 1700
#if defined(_MSC_VER) && (_MSC_VER < 1700)
typedef int bool;
#else
#include <stdbool.h>

29
src/mg_http.c
View File

@ -236,7 +236,7 @@ static void mg_http_free_proto_data_endpoints(struct mg_http_endpoint **ep) {
current = tmp;
}
ep = NULL;
*ep = NULL;
}
static void mg_http_free_reverse_proxy_data(struct mg_reverse_proxy_data *rpd) {
@ -2102,7 +2102,7 @@ static void mg_print_dir_entry(struct mg_connection *nc, const char *file_name,
href = mg_url_encode(mg_mk_str(file_name));
mg_printf_http_chunk(nc,
"<tr><td><a href=\"%s%s\">%s%s</a></td>"
"<td>%s</td><td name=%" INT64_FMT ">%s</td></tr>\n",
"<td>%s</td><td name=\"%" INT64_FMT "\">%s</td></tr>",
href.p, slash, path, slash, mod, is_dir ? -1 : fsize,
size);
free((void *) href.p);
@ -2168,23 +2168,24 @@ static void mg_send_directory_listing(struct mg_connection *nc, const char *dir,
mg_printf_http_chunk(
nc,
"<html><head><title>Index of %.*s</title>%s%s"
"<!DOCTYPE html><html><head><title>Index of %.*s</title>%s%s"
"<style>th,td {text-align: left; padding-right: 1em; "
"font-family: monospace; }</style></head>\n"
"<body><h1>Index of %.*s</h1>\n<table cellpadding=0><thead>"
"<tr><th><a href=# rel=0>Name</a></th><th>"
"<a href=# rel=1>Modified</a</th>"
"<th><a href=# rel=2>Size</a></th></tr>"
"<tr><td colspan=3><hr></td></tr>\n"
"</thead>\n"
"<tbody id=tb>",
"font-family: monospace; }</style></head>"
"<body><h1>Index of %.*s</h1><table cellpadding=\"0\"><thead>"
"<tr><th><a href=\"#\" rel=\"0\">Name</a></th><th>"
"<a href=\"#\" rel=\"1\">Modified</a></th>"
"<th><a href=\"#\" rel=\"2\">Size</a></th></tr>"
"<tr><td colspan=\"3\"><hr></td></tr>"
"</thead>"
"<tbody id=\"tb\">",
(int) hm->uri.len, hm->uri.p, sort_js_code, sort_js_code2,
(int) hm->uri.len, hm->uri.p);
mg_scan_directory(nc, dir, opts, mg_print_dir_entry);
mg_printf_http_chunk(nc,
"</tbody><tr><td colspan=3><hr></td></tr>\n"
"</table>\n"
"<address>%s</address>\n"
"</tbody>"
"<tfoot><tr><td colspan=\"3\"><hr></td></tr></tfoot>"
"</table>"
"<address>%s</address>"
"</body></html>",
mg_version_header);
mg_send_http_chunk(nc, "", 0);

17
src/mg_ssl_if_openssl.c
View File

@ -10,10 +10,13 @@
#endif
#include <openssl/ssl.h>
#include <openssl/err.h>
#ifndef KR_VERSION
#include <openssl/tls1.h>
#endif
static const char *mg_default_session_id_context = "mongoose";
struct mg_ssl_if_ctx {
SSL *ssl;
SSL_CTX *ssl_ctx;
@ -75,6 +78,9 @@ enum mg_ssl_if_result mg_ssl_if_conn_init(
SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_SSLv2);
SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_SSLv3);
SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_TLSv1);
SSL_CTX_set_session_id_context(ctx->ssl_ctx,
(void *) mg_default_session_id_context,
strlen(mg_default_session_id_context));
#ifdef MG_SSL_OPENSSL_NO_COMPRESSION
SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_COMPRESSION);
#endif
@ -132,6 +138,17 @@ static enum mg_ssl_if_result mg_ssl_if_ssl_err(struct mg_connection *nc,
int res) {
struct mg_ssl_if_ctx *ctx = (struct mg_ssl_if_ctx *) nc->ssl_if_data;
int err = SSL_get_error(ctx->ssl, res);
/*
* We've just fetched the last error from the queue.
* Now we need to clear the error queue. If we do not, then the following
* can happen (actually reported):
* - A new connection is accept()-ed with cert error (e.g. self-signed cert)
* - Since all accept()-ed connections share listener's context,
* - *ALL* SSL accepted connection report read error on the next poll cycle.
* Thus a single errored connection can close all the rest, unrelated ones.
* Clearing the error keeps the shared SSL_CTX in an OK state.
*/
ERR_clear_error();
if (err == SSL_ERROR_WANT_READ) return MG_SSL_WANT_READ;
if (err == SSL_ERROR_WANT_WRITE) return MG_SSL_WANT_WRITE;
DBG(("%p %p SSL error: %d %d", nc, ctx->ssl_ctx, res, err));

88
test/ca.pem
View File

@ -1,49 +1,43 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAv3/TSSi5hZDwMKG43eqe+GzR1lRMXVYt9I1Mr987v1DT99xR
Dcpfo/3aj6B/V/G67oPz+zbVZN/ZPvvA1Z82T7ixcBFsGIXgEWzxUm1UCUf51ftl
MlOaf24cdyegi0y8hRdkWLoC7w0vuMfrgR6cmpbI2LSDSMaXXX2qDoofQsFUYaJN
Nn3uqRK0ixs/jzbzbAT9q2BWYwySUX4VEgADpmi0FyANDjEhmdktxQW9l6IGGzF8
M9mA053hIgZwo+9qf9X3nfNUTWMvisMQtxm0mRYgvD53Oix08VLs6bodNTVOLQoc
H0uH3CTs+H3Z0CkcZaAJe/kwCLFhls9ee3M0nQIDAQABAoIBAQCsADPWUi3QOg6C
n79cE5AVsigHSlAMxYshTIjErs0LWZ4J0mk66bpdoXTd7Fp0szojYYGS8f1ZTXXj
jFv3g7lUgZ9d+UgN/rDy9dcLIgeJDozoFZUfTthF/LC0lXMtqw7ou8n1p51a+Y0T
ev2cS9J9R1G+0uPYSgdKgcRsqsLJQS4fu5CAk9d0aeTTl009uxcn9yfTUjwOaR5J
PuNmunAEvhE/DGSkt5oNXo7t8Q2L3mYSM0MwKdDFqoQdZAV6TMTv22Mjb6SxOOnJ
r5gNK2BmM6oNPWvzY0PoI0LcLgFNDWIMqIq4mg73MdzszakaNRDlOYtLAuKbTF3Q
SDq8OkZBAoGBAOn6B5jBxSa+5GcIIeGqtiRhDMExyblt3Gk2gaw6UIZpvVDXPWWm
r0tkGJrYecmqesN7DGmmdkyx8KONF+yzYLxSsIEGNesvVYe6PXTDZYYI57As4Z4W
DFlCDt2FaKuMXxyOlUCiXg94z8IJBJ2ldCmmG34gBSvuFe6V5x4XE3crAoGBANGG
P7AWw6uygfjog6B2dFT6n+9UhpyJlqwfPi5eD9V5JXtWlH6xWi3dRfuYAIafg95I
W8/OZGHrj44gNCgYjvZHud+H3NPJPZ7lftoay5KeShBAa/pCd67OMxp1SvvONYcp
7TSwm5s+hOJvQOpw2wg0cXnfrxGKpGLOFaRddp9XAoGAFdeXefUs2G8dl1i1AQIU
utSsgiSJtlvBJblG5bMT7VhVqgRN4P1sg9c2TM5EoETf7PvBruMxS/uYgUwcnaYp
M6tser7/rZLfoyoJrqrHAXo3VsT50u4v/O0jwh5AJTOXdW0CFeSSb1NR4cVBvw3B
CFpPWrjWgsFZHsqzpqV01b0CgYEAkDft4pDowmgumlvBLlQaotuX9q6hsWHrOjKP
JG9OSswGhq0DrWj5/5PNNe5cfk2SARChUZpo8hWoTFXSUL8GuHKKeFgWIhjkt1iU
RiAne5ZEuIb/S9UweDwqZM3TfRtlMNIlGh1uHh+cbBfUAQsJWM5wRUk4QcTCfdgI
gYhrvCUCgYBB6u8Q49RjrTBxWK8bcZOjVhYNrd3xrCunFVMt2QAXGGrRaXpqUMnp
xNUmGe9vGux+s0TRguZcLEX3vX+wFyBfFKwZY9hSU7PFY/da8echpu37JasKvAov
5+5XWI5RgF+SFVk+Q7St2BlSJa/vBAH8vtrX9Dt/hN/VSo2mAPAyMQ==
-----END RSA PRIVATE KEY-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:2a:0e:3c:6a:8c:85:ff:6e:6a:bc:db:95:51:70:ce:b4:30:78:c7
Signature Algorithm: ecdsa-with-SHA256
Issuer: C = IE, L = Dublin, O = Cesanta, CN = Test Root
Validity
Not Before: May 9 21:51:44 2020 GMT
Not After : May 9 21:51:44 2050 GMT
Subject: C = IE, L = Dublin, O = Cesanta, CN = Test Root
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
pub:
04:2c:ab:d1:02:66:24:96:d7:12:3e:09:50:4f:f1:
50:ee:51:e8:55:03:5e:ba:b1:1d:98:b2:72:79:27:
a8:1b:31:0d:5d:50:21:ff:42:f2:da:74:17:5e:53:
b2:65:41:c1:fc:84:de:4a:11:b9:8c:f4:19:d9:c4:
ca:2b:ea:eb:2c
ASN1 OID: prime256v1
NIST CURVE: P-256
X509v3 extensions:
X509v3 Basic Constraints:
CA:TRUE
X509v3 Key Usage:
Digital Signature, Key Encipherment, Key Agreement, Certificate Sign, CRL Sign
Signature Algorithm: ecdsa-with-SHA256
30:46:02:21:00:9c:71:6c:00:8c:06:41:0c:91:2f:cd:41:d3:
87:47:e9:df:3a:22:ad:25:7c:bf:0e:2b:39:dd:7a:0c:4e:68:
1d:02:21:00:8f:c1:22:30:10:61:5d:51:10:ea:08:2d:02:63:
67:67:32:b5:06:63:96:57:bb:78:47:0a:88:d9:19:2e:f3:be
-----BEGIN CERTIFICATE-----
MIIDjjCCAnagAwIBAgIJAIOEuwkahzkOMA0GCSqGSIb3DQEBBQUAMDgxCzAJBgNV
BAMTAm5zMQswCQYDVQQKEwJuczELMAkGA1UEBhMCSUUxDzANBgNVBAcTBkR1Ymxp
bjAeFw0xNDA4MzAxOTA3NDNaFw0yNDA4MjcxOTA3NDNaMDgxCzAJBgNVBAMTAm5z
MQswCQYDVQQKEwJuczELMAkGA1UEBhMCSUUxDzANBgNVBAcTBkR1YmxpbjCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL9/00kouYWQ8DChuN3qnvhs0dZU
TF1WLfSNTK/fO79Q0/fcUQ3KX6P92o+gf1fxuu6D8/s21WTf2T77wNWfNk+4sXAR
bBiF4BFs8VJtVAlH+dX7ZTJTmn9uHHcnoItMvIUXZFi6Au8NL7jH64EenJqWyNi0
g0jGl119qg6KH0LBVGGiTTZ97qkStIsbP48282wE/atgVmMMklF+FRIAA6ZotBcg
DQ4xIZnZLcUFvZeiBhsxfDPZgNOd4SIGcKPvan/V953zVE1jL4rDELcZtJkWILw+
dzosdPFS7Om6HTU1Ti0KHB9Lh9wk7Ph92dApHGWgCXv5MAixYZbPXntzNJ0CAwEA
AaOBmjCBlzAdBgNVHQ4EFgQUsz/nOHpjMkV8pk9dFpy41batoTcwaAYDVR0jBGEw
X4AUsz/nOHpjMkV8pk9dFpy41batoTehPKQ6MDgxCzAJBgNVBAMTAm5zMQswCQYD
VQQKEwJuczELMAkGA1UEBhMCSUUxDzANBgNVBAcTBkR1YmxpboIJAIOEuwkahzkO
MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAEDOtAl7bgAXgcL3HRlV
H71tkUaok589PIqsTE4d8s8tFBZ92CyWD8ZPU46HbbyJXMFoFxiN7PvCzOBlgoZM
r80HJWZc9tSlqK0NIbIyk1aeM06+F8qB+8/vw/spIkdYzDv3avwyOrc6fFnEzbwz
5BFFrF2G9JajRKAP5snAV9iM8I2TD4l+w75MXXl7/DBEohdMBsTeDrrXj4q4sgoB
L/yLeCoK6inkMTU5DwcGbiqvNnZA+9T654qlAlKjPMObGGPphK5/QKcOnV7Qtdju
DHzDsDimdVbz9G1cxXs/AI/35GD7IDTdNTtmBhkf4/tsQ7Ua80xpIowb1fFUHmo1
UAo=
MIIBqjCCAU+gAwIBAgIUESoOPGqMhf9uarzblVFwzrQweMcwCgYIKoZIzj0EAwIw
RDELMAkGA1UEBhMCSUUxDzANBgNVBAcMBkR1YmxpbjEQMA4GA1UECgwHQ2VzYW50
YTESMBAGA1UEAwwJVGVzdCBSb290MCAXDTIwMDUwOTIxNTE0NFoYDzIwNTAwNTA5
MjE1MTQ0WjBEMQswCQYDVQQGEwJJRTEPMA0GA1UEBwwGRHVibGluMRAwDgYDVQQK
DAdDZXNhbnRhMRIwEAYDVQQDDAlUZXN0IFJvb3QwWTATBgcqhkjOPQIBBggqhkjO
PQMBBwNCAAQsq9ECZiSW1xI+CVBP8VDuUehVA166sR2YsnJ5J6gbMQ1dUCH/QvLa
dBdeU7JlQcH8hN5KEbmM9BnZxMor6ussox0wGzAMBgNVHRMEBTADAQH/MAsGA1Ud
DwQEAwIBrjAKBggqhkjOPQQDAgNJADBGAiEAnHFsAIwGQQyRL81B04dH6d86Iq0l
fL8OKzndegxOaB0CIQCPwSIwEGFdURDqCC0CY2dnMrUGY5ZXu3hHCojZGS7zvg==
-----END CERTIFICATE-----

91
test/client.pem
View File

@ -1,45 +1,50 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAwV5xaK7ez2/TX7vSgJ0a3YbZj2l1VQ2rMzqO1Id01xlWbF/U
rebwhAdVtWcT9R6RaBTPDGaILkV38u77M2BxIHX4MSnR6WezoA2bGMgvt3+tq2N6
q+xkj57vwBEqedBjscVtFkoWtsX8pKwtNlMB1NvTa8p5+BNsvpvzaDX+51+FotId
wvieQfQYgFg36HpOtOyyIV31rZ/5+qtoce8gU6wApHxmovTnQPoduNM6fOUJCHDd
Lz90EeBREtoTVgoWcKvQoCEwJQSBmeDZgkA8Q1OYmbYoS12tIyi8rTkseRj5BvPH
iXfNmHFKliAjvlsml5qI44I9DoagPubTf6qR5wIDAQABAoIBACZ6VZTgH0Ql22jU
ZhnjqUHloIsyEAABvUxvXZaa8bwPtavREfAc4UVUdFCpl0YSdBrC8URlbrnOZwT3
WxMpILm139JgoP2R/iNeMbunsh8QkA1nuTRW0NfnZ4vPnqUou33XbFKgIY7zLMfT
3xdNQzMJHzP20Xh03RG81J2rCPMfLScTRo2XxcSxmhhS/p2WLk6pnmMHiNgYGGwX
gcdK5lIVjMMNxgcltC30x90v0o0GDRM8/+wua+/vfn8rr3iudv9IHzL8xIzpi6NY
CXJ8Kxd6Jtgsr3Boj5i6Mqi3Q/Trxt+rIA4bKAFXxwcp4+GmRIJtQFFiTWXpLCPC
tLT4CHECgYEA7iCbrGjWHJ4QsUWUGrGlw1/sQ0SIv9BdZm8RydHzpRVtQOi+YOuU
i6raVaXWzUBKgKcs/htVjAMTiePs/yhlU/MGXivz6uTX/nrD7ISJImmK2K50hgUe
+UBnFKmBMVaNxD9RFWPJkfmNXfW7nBkqSa9CxlBcYPuOcPtZDqRl+gkCgYEAz+HX
8wh3SHKb1cAI+o4caclpUTpGa9/zW4k+7gOh72WCKaqxTNvBvNyZGdXc9t5ToDSf
xxsDXWG10lcHBIGLj4QBEoSWp9I43lid5swY3mCo7CjTl+1l03IfDNaC6CYQFp5p
ZnKlsQUwR38t/uiyZpnnicCAZjqIfJbeQ5jD6G8CgYB8ufmwQa08ihJmN/KOVNRl
VF31EfWquqHhYHXpxx2eL23tXLszGtHQoioASIANPAqJ/oaTho+1aXsXc5oUP/1r
DlUciFsXgswb0APFY9pMewmt2xrPg+koVvJnIS25QQO6cguvb3gKDLNeLrMY3RmI
RNNt+nOYnMqMJSsNf1CmuQKBgQCiCZxWaCbyZcNqncFh7BvhqYlaM15o/6ulkhln
VZWIEUugRtjk2/bry9fa94TBORNeMSbKABhjVaJwTj2+GWw7dd2QHaGBNq/1QIX0
POq1jAqf6kLkjbttUes6CosHgYPQ3bGylXLpxO2ZDV1A8Qj+SMDd8xsilEWHN+IQ
NqeeKQKBgQDe4c7VVG+WvRRKshTh8+tjzc9nXKE2AWgwnw729SMFZO/WqX2FPp2C
7C99XJTVBsCBy8VzuyaojeTKkag0YL3v6UTZYUeyu0YTHGQ33WVPaqdCAo840nmG
ttwHVqshB9c67HHiYOOFt1VmT3xW6x6yympUyRqR0L+BZ1wOS3h2vQ==
-----END RSA PRIVATE KEY-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:d8:95:71:ba:5f:70:c8:4d:6a:e8:a6:0f:aa:40:d5:fc:d9:bc:6e
Signature Algorithm: ecdsa-with-SHA256
Issuer: C = IE, L = Dublin, O = Cesanta, CN = Test Root
Validity
Not Before: May 9 21:51:52 2020 GMT
Not After : May 9 21:51:52 2030 GMT
Subject: CN = client
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
pub:
04:e2:2e:72:7b:b6:2d:a3:d3:3b:0e:b1:4e:8a:09:
19:66:ff:d6:0e:d4:3f:47:8c:20:ab:06:db:25:77:
8b:2a:ac:fa:a4:e2:f8:97:ba:10:c5:fa:5d:0b:ee:
28:16:56:78:0f:30:17:2b:6b:04:6c:dc:c8:f8:12:
23:d3:2f:01:58
ASN1 OID: prime256v1
NIST CURVE: P-256
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Key Usage:
Digital Signature, Key Encipherment, Key Agreement
X509v3 Extended Key Usage:
TLS Web Client Authentication
Signature Algorithm: ecdsa-with-SHA256
30:46:02:21:00:de:e5:30:ae:50:e9:a7:14:a0:c3:79:29:df:
bf:d3:a3:f8:19:b0:19:b5:ab:3e:6e:c9:29:18:86:ff:fe:a7:
b0:02:21:00:f5:ba:90:d6:1c:fe:ff:05:44:9a:b1:20:2c:ee:
00:68:20:85:f7:0f:86:a2:13:1e:86:9a:03:6d:74:aa:72:c2
-----BEGIN CERTIFICATE-----
MIIC6DCCAdACBRQJQlZlMA0GCSqGSIb3DQEBBQUAMDgxCzAJBgNVBAMTAm5zMQsw
CQYDVQQKEwJuczELMAkGA1UEBhMCSUUxDzANBgNVBAcTBkR1YmxpbjAeFw0xNDA4
MzAxOTA3NDRaFw0yNDA4MjcxOTA3NDRaMDgxCzAJBgNVBAMTAm5zMQswCQYDVQQK
EwJuczELMAkGA1UEBhMCSUUxDzANBgNVBAcTBkdhbHdheTCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAMFecWiu3s9v01+70oCdGt2G2Y9pdVUNqzM6jtSH
dNcZVmxf1K3m8IQHVbVnE/UekWgUzwxmiC5Fd/Lu+zNgcSB1+DEp0elns6ANmxjI
L7d/ratjeqvsZI+e78ARKnnQY7HFbRZKFrbF/KSsLTZTAdTb02vKefgTbL6b82g1
/udfhaLSHcL4nkH0GIBYN+h6TrTssiFd9a2f+fqraHHvIFOsAKR8ZqL050D6HbjT
OnzlCQhw3S8/dBHgURLaE1YKFnCr0KAhMCUEgZng2YJAPENTmJm2KEtdrSMovK05
LHkY+Qbzx4l3zZhxSpYgI75bJpeaiOOCPQ6GoD7m03+qkecCAwEAATANBgkqhkiG
9w0BAQUFAAOCAQEAJ+wZ/IgAF5LIu0yOfJlaFRJLunKHZENigiVjYvkTdM7NI3O2
1AZGY4O8H5Fs3YT5ZY3vas/n6IwWTk3o/JSPXojMFo82XkbI1k2cm3oLtwgEGN3p
s5yFsjZE3H7fQJ9wHIzESBPHFY6dwwgMsNENuAM2zkwFpbAkisKhjK+EyUCXauok
7zJY6RVPMaNojsje4iE/SBtSOnK/9WDBAgpCznHrSChJmKs4FsU7ZTO+Dg+0vQln
l8/yBcEGAFe0GA2D9NvZKH5IoNmitvtU9zdNDK4dzC3Q+C28IjW5jE8peDFtdGs1
P0u4kRxmb4UH1DchgoWlZjL2lSFScJ7L4xY2aQ==
MIIBhzCCASygAwIBAgIUA9iVcbpfcMhNauimD6pA1fzZvG4wCgYIKoZIzj0EAwIw
RDELMAkGA1UEBhMCSUUxDzANBgNVBAcMBkR1YmxpbjEQMA4GA1UECgwHQ2VzYW50
YTESMBAGA1UEAwwJVGVzdCBSb290MB4XDTIwMDUwOTIxNTE1MloXDTMwMDUwOTIx
NTE1MlowETEPMA0GA1UEAwwGY2xpZW50MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcD
QgAE4i5ye7Yto9M7DrFOigkZZv/WDtQ/R4wgqwbbJXeLKqz6pOL4l7oQxfpdC+4o
FlZ4DzAXK2sEbNzI+BIj0y8BWKMvMC0wCQYDVR0TBAIwADALBgNVHQ8EBAMCA6gw
EwYDVR0lBAwwCgYIKwYBBQUHAwIwCgYIKoZIzj0EAwIDSQAwRgIhAN7lMK5Q6acU
oMN5Kd+/06P4GbAZtas+bskpGIb//qewAiEA9bqQ1hz+/wVEmrEgLO4AaCCF9w+G
ohMehpoDbXSqcsI=
-----END CERTIFICATE-----
-----BEGIN PRIVATE KEY-----
MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgk5sv3YwDGTm29Czy
UWuKlbfbvZqZv1fFRBOn2S0D7SuhRANCAATiLnJ7ti2j0zsOsU6KCRlm/9YO1D9H
jCCrBtsld4sqrPqk4viXuhDF+l0L7igWVngPMBcrawRs3Mj4EiPTLwFY
-----END PRIVATE KEY-----

91
test/server.pem
View File

@ -1,45 +1,50 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEA1mONQ0hAXOL9lb15Pz4fqXXNHREsF3a7/NoMJdQDclx0+a32
MhuHcO6R7Fhsc0mZMuzbmAFLMmIIgXPMKQBZLoA12yCBlZPyKFoWUhFrLa3gUjO6
CZlBKqkUVEACpVrQ41ihapeeUHa0uryt3tXwMn2/853yzi1uciGYi4ULTy3yTE/n
qRIVJLiBDSC9WNFLg26f/W4YRW7tANOk2b/W/Ws9B/n7vNDgHG7Lpd38YTpFhhXT
n3xlt/VcczkQhW79Moh6/lY6sLg6H15EjHKHeTn8t9BRm+qYi/CvC258YF/Qz/qK
agSsLT/3FrQ6+aQgg/Eyao0IWAql49PQNxuwPQIDAQABAoIBAQC5y3S1BnyhAyb5
Ckd1g4U0+x5TPnqTqxanvuAgOGj0RyQo7ZYbPrhWKqrTxJ3YG8Rk2dhFF3nvo/3z
EkOwlNi07++8g6NJ2flW9xu469eSsslg8+saPnK3Yeh4SzD/1ICLRlg9ZECTQwzF
eJbGM2oCl/AuVIgEHmNFDdCBuT9f0b7j3/Z3aK3lKzqzBYQgZ5fd8UxT+Kn4oAuS
cLr3lQT1s6xZOAYn7O2GvXEC+yMMbvm0a97MdwSpQez1WcE9YxtCgAWwn5EmSXlh
296iLtbaM1wgYOykJUOUoSgijf8pUfotk4Zj/y1KPHXePgAlyGCtE1zasiYb5K+5
LuajD++BAoGBAPpKWLNzQBwQLiFaJgt6bLOxlEUR+EnjdFePDPJtyCCCiKJiKO5c
Z5s/FT1JDQawouhjQwYqT48hbGBPjWRHkSkzB7+cg6FVSKkQRYX2TsSFvN+KCu32
oSgDV9cFo68v1csoZIQ41TtHC82db4OTv9MPUe3Glujnep1TOTwspAM1AoGBANtH
i+HWKOxOm7f/R2VX1ys9UjkAK+msac512XWSLAzBs7NFnB7iJ7m3Bh3ydb1ZiTgW
l6bIdoT8TLPYNIXJ6uohhxPU5h3v81PHqIuJMBtmHCQjq3nxeH9mOsfjOFvS1cQa
At45F9pK/5sQpOkkaBGSv8jXUFIKBEDBErourVHpAoGAK0gSAK4sZu3xXDkfnRqF
k6lgr3UFD5nys3V8UqvjUKPiBtqco2N9Ux5ciOWKCB8hfLg1jephKaoo+JqpI68w
jgRSEbN6G7sIvpueuiS2yEssNyfC7hWZFrdFSFykSpYmDWSlxSuizAZkJyFTeFhj
cpcSnuCZlhr5XB1ZJ2u8zQUCgYEAke5QgpCDFZjO+ynR+vj1gppBwRuDHfUXSUaW
3S7VT/wNOq6F0uvRYkASuxVkFAqlToWCkYVxktlRtpKZibwyMXT0r1cNejj5Z/VF
Du/S6zkOW2K9uN7hwW9oiSSHmlx61RI2fGvkmus0pp7yERKgi6ltJx1cH+z4nZug
efWcdRkCgYBy+XdmsxgNZOunlSC6VZiD0Ve/VFrCtKPWUivKDAZZPKl0T/1tbTwb
I/N4zTF82jx88rDz+6jN5nOy9qbSR5TeCy6WlBesTvXm49awr5jSK3WkcLgmO+JI
Zr2ozCBhUG6RvVsUPp2kXEsmwZMV/e9faFAlIXeJhKum6hZmfOgodg==
-----END RSA PRIVATE KEY-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:73:28:55:df:13:b5:61:f5:4f:4f:5d:00:d9:0a:d8:b5:3a:21:4b
Signature Algorithm: ecdsa-with-SHA256
Issuer: C = IE, L = Dublin, O = Cesanta, CN = Test Root
Validity
Not Before: May 9 21:51:49 2020 GMT
Not After : May 9 21:51:49 2030 GMT
Subject: CN = server
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
pub:
04:92:e0:46:9c:89:c3:37:a9:74:eb:35:55:43:55:
5c:ac:eb:c7:e4:50:ee:f4:c0:ba:17:02:5c:d9:ed:
b4:d4:ff:21:12:9a:b4:43:f4:89:4b:69:e4:6d:2b:
96:1f:fc:01:4d:30:5a:79:73:76:ba:19:41:cc:c5:
16:2b:bf:74:28
ASN1 OID: prime256v1
NIST CURVE: P-256
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Key Usage:
Digital Signature, Key Encipherment, Key Agreement
X509v3 Extended Key Usage:
TLS Web Server Authentication
Signature Algorithm: ecdsa-with-SHA256
30:46:02:21:00:fa:3a:c7:1e:cb:8c:27:59:41:8d:77:dd:7b:
cb:8c:08:15:16:b9:6e:70:e6:47:38:d1:55:42:e0:d7:66:c8:
f0:02:21:00:cc:70:4d:96:28:00:d3:c7:39:53:74:b2:49:87:
27:92:1b:ab:1a:0e:74:06:59:42:23:47:98:43:d8:20:a7:fa
-----BEGIN CERTIFICATE-----
MIIC6DCCAdACBRQJQlZkMA0GCSqGSIb3DQEBBQUAMDgxCzAJBgNVBAMTAm5zMQsw
CQYDVQQKEwJuczELMAkGA1UEBhMCSUUxDzANBgNVBAcTBkR1YmxpbjAeFw0xNDA4
MzAxOTA3NDNaFw0yNDA4MjcxOTA3NDNaMDgxCzAJBgNVBAMTAm5zMQswCQYDVQQK
EwJuczELMAkGA1UEBhMCSUUxDzANBgNVBAcTBkdhbHdheTCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBANZjjUNIQFzi/ZW9eT8+H6l1zR0RLBd2u/zaDCXU
A3JcdPmt9jIbh3DukexYbHNJmTLs25gBSzJiCIFzzCkAWS6ANdsggZWT8ihaFlIR
ay2t4FIzugmZQSqpFFRAAqVa0ONYoWqXnlB2tLq8rd7V8DJ9v/Od8s4tbnIhmIuF
C08t8kxP56kSFSS4gQ0gvVjRS4Nun/1uGEVu7QDTpNm/1v1rPQf5+7zQ4Bxuy6Xd
/GE6RYYV0598Zbf1XHM5EIVu/TKIev5WOrC4Oh9eRIxyh3k5/LfQUZvqmIvwrwtu
fGBf0M/6imoErC0/9xa0OvmkIIPxMmqNCFgKpePT0DcbsD0CAwEAATANBgkqhkiG
9w0BAQUFAAOCAQEAoVXK97WA24tp3JyPBJKr28gFSUtOBNDPdY8atWaqw7PwUIIM
qhs3BTag96tgSoaISRwRphz2LM1Cl+QlItYXySAnxPKrUsA0S6DlxnA6Hq3s2wTR
6yIT7oDUDKcWkVQcQmuNGdfxCvZXkCih9lnQn++xHcuVn9mZmjXW2xk42ljDTZCp
CM29betpcmuho6sFXsBhY7WjQWg7UpRZat0bOwleS4fsePebMKrnr/6cq4bVw59U
XvhSFBlLoGMYteJ82fOYH6pUO1hiPr6ww5d819LPcJEcRpcxCdQZqIq680Kp7+GY
0wkyOYr0gkNwWVP7IUZ0FExaQ/s54g71Kd0OgA==
MIIBhzCCASygAwIBAgIUbnMoVd8TtWH1T09dANkK2LU6IUswCgYIKoZIzj0EAwIw
RDELMAkGA1UEBhMCSUUxDzANBgNVBAcMBkR1YmxpbjEQMA4GA1UECgwHQ2VzYW50
YTESMBAGA1UEAwwJVGVzdCBSb290MB4XDTIwMDUwOTIxNTE0OVoXDTMwMDUwOTIx
NTE0OVowETEPMA0GA1UEAwwGc2VydmVyMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcD
QgAEkuBGnInDN6l06zVVQ1VcrOvH5FDu9MC6FwJc2e201P8hEpq0Q/SJS2nkbSuW
H/wBTTBaeXN2uhlBzMUWK790KKMvMC0wCQYDVR0TBAIwADALBgNVHQ8EBAMCA6gw
EwYDVR0lBAwwCgYIKwYBBQUHAwEwCgYIKoZIzj0EAwIDSQAwRgIhAPo6xx7LjCdZ
QY133XvLjAgVFrlucOZHONFVQuDXZsjwAiEAzHBNligA08c5U3SySYcnkhurGg50
BllCI0eYQ9ggp/o=
-----END CERTIFICATE-----
-----BEGIN PRIVATE KEY-----
MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQglNni0t9Dg9icgG8w
kbfxWSS+TuNgbtNybIQXcm3NHpmhRANCAASS4EacicM3qXTrNVVDVVys68fkUO70
wLoXAlzZ7bTU/yESmrRD9IlLaeRtK5Yf/AFNMFp5c3a6GUHMxRYrv3Qo
-----END PRIVATE KEY-----

29
tools/amalgam.py
View File

@ -1,4 +1,4 @@
#!/usr/bin/env python
#!/usr/bin/env python3
#
# Generate a reversible amalgamation of several C source files
# along with their required internal headers.
@ -32,10 +32,10 @@
#
import argparse
import io
import re
import sys
import os
from StringIO import StringIO
parser = argparse.ArgumentParser(description='Produce an amalgamated source')
parser.add_argument('--prefix', default="NS",
@ -65,11 +65,11 @@ class File(object):
def __init__(self, name, parent_name):
self.name = name
self.parent_name = parent_name
self.buf = StringIO()
self.buf = io.StringIO()
emit_file(self.buf, self.name, self.parent_name)
def emit(self):
print self.buf.getvalue(),
print('%s' % self.buf.getvalue(), end='')
args = parser.parse_args()
@ -104,21 +104,20 @@ def resolve(path, parent_name):
break
if os.path.exists(p) and not args.norel:
p = os.path.realpath(p).replace('%s%s' % (os.getcwd(), os.sep), '')
# print >>sys.stderr, '%s %s -> %s (cwd %s)' % (path, parent_name, p, os.getcwd())
return p.replace(os.sep, '/')
def emit_line_directive(out, name, parent_name):
print >>out, '''#ifdef %(prefix)s_MODULE_LINES
print ('''#ifdef %(prefix)s_MODULE_LINES
#line 1 "%(name)s"
#endif''' % dict(
prefix = args.prefix,
name = resolve(name, parent_name),
)
), file=out)
def emit_body(out, name, parent_name):
resolved_name = resolve(name, parent_name)
if not args.strict and not os.path.exists(resolved_name):
print >>out, '#include "%s"' % (name,)
print('#include "%s"' % name, file=out)
return
with open(resolved_name) as f:
@ -130,7 +129,7 @@ def emit_body(out, name, parent_name):
if re.match('\s*\*/$', l):
in_comment = False
if not re.match('.*Copyright.*Cesanta', comment, re.M | re.S):
print >>out, comment,
out.write(comment)
continue
if re.match('/\*$', l):
@ -145,9 +144,9 @@ def emit_body(out, name, parent_name):
if not should_ignore(path_to_include, parent_name):
already_included.add(path_to_include)
includes.append(File(path_to_include, resolved_name))
print >>out, '/* Amalgamated: %s */' % (all,)
print('/* Amalgamated: %s */' % all, file=out)
else:
print >>out, l,
out.write(l)
def emit_file(out, name, parent_name):
@ -174,17 +173,17 @@ if sys.platform == "win32":
if args.license:
with open(args.license) as f:
print f.read()
print(f.read())
if args.public:
print '#include "%s"' % (args.public)
print('#include "%s"' % args.public)
for i in includes:
i.emit()
if args.export:
print '#ifndef %s_EXPORT_INTERNAL_HEADERS' % (args.prefix,)
print('#ifndef %s_EXPORT_INTERNAL_HEADERS' % (args.prefix,))
for i in sources:
i.emit()
if args.export:
print '#endif /* %s_EXPORT_INTERNAL_HEADERS */' % (args.prefix,)
print('#endif /* %s_EXPORT_INTERNAL_HEADERS */' % (args.prefix,))